CVE-2011-4953
Publication date 27 October 2014
Last updated 24 July 2024
Ubuntu priority
The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet.
Status
Package | Ubuntu Release | Status |
---|---|---|
cobbler | 13.04 raring |
Fixed 2.2.2-0ubuntu1
|
12.10 quantal |
Fixed 2.2.2-0ubuntu1
|
|
12.04 LTS precise |
Fixed 2.2.2-0ubuntu1
|
|
11.10 oneiric | Ignored end of life | |
11.04 natty | Ignored end of life | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release |